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DETAILED ACTION 



Claims 1-17 are pending in the application. 
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Claims 1-17 stand being rejected. 



Response to Amendment 
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The examiner approves the new title. 



Response to Arguments 



4. Applicant's arguments filed 3/1/04 have been fully considered but they are not persuasive. 

On page 4, the applicant argues that Dean does not disclose or even suggest a subscriber 
identification module comprising a processor that generates a plurality of keys in response to a 
received challenge as recited in independent claim 1. The applicant argues that Dean does not 
disclose or even suggest generating an initial value based upon a key from the plurality of keys 
as in claim 1. The applicant argues that Reeds does not disclose or even suggest a subscriber 
identification module comprising a key generation element and a signature generator configured 
to receive a secret key from the key generation element. The applicant argues that Reeds does 
not disclose or even suggest generating a plurality of keys and transmitting at least one key from 
the plurality of keys to a communication device communicatively coupled to a subscriber 
identification device. The applicant argues that Reeds does not disclose or even suggest a set of 
instructions for selectively generating a primary signature based upon a key that is private from a 
mobile station and a secondary signature that is received from the mobile station as in claim 17. 

The examiner respectfully disagrees. In response to the argument that Dean does not 
disclose or even suggest a subscriber identification module comprising a processor that generates 
a plurality of keys in response to a received challenge, the examiner that Dean teaches a random 
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key generator that is capable of generating a plurality of keys, in response to a received 
challenge, if there was a plurality of subscribers. In response to the argument that Dean does not 
disclose or even suggest generating an initial value based upon a key from the plurality of keys, 
the initial value that the examiner used to meet this recitation was the digital signature formed 
from the first key. In response to the argument that Reeds does not disclose or even suggest a 
subscriber identification module comprising a key generation element and a signature generator 
configured to receive a secret key from the key generation element, Reeds teaches both keys and 
signatures. It is suggested however that both are generated. Even though it's not explicitly 
stated that there are generators, without a key generator or a signature generator, neither could 
exist. In response to the argument that Reeds does not disclose or even suggest generating a 
plurality of keys and transmitting at least one key from the plurality of keys to a communication 
device communicatively coupled to a subscriber identification device, the examiner points out 
that it's the "secret" key that is transmitted to a user's cellular device. In response to the 
argument that Reeds does not disclose or even suggest a set of instructions for selectively 
generating a primary signature based upon a key that is private from a mobile station and a 
secondary signature that is received from the mobile station, the examiner points out to the 
applicant that the primary signature is created by the mobile unit's secret key and that the base 
station creates its own signature to authenticate itself to the mobile unit. 

On page 5, the applicant argues that there is no prima facie case of obviousness for 
rejections made under 35 USC § 103. 

The examiner respectfully disagrees. In response to applicant's argument that there is no 
suggestion to combine the references, the examiner recognizes that obviousness can only be 
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established by combining or modifying the teachings of the prior art to produce the claimed 
invention where there is some teaching, suggestion, or motivation to do so found either in the 
references themselves or in the knowledge generally available to one of ordinary skill in the art. 
See In re Fine, 837 F.2d 1071, 5 USPQ2d 1596 (Fed. Cir. 1988) and In re Jones, 958 F.2d 347, 
21 USPQ2d 1941 (Fed. Cir. 1992). In this case, Deindel et al and Schneier provide the missing 
limitations in Dean and Reeds respectively. 

Claim Rejections - 35 JJSC § 102 
The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35 U.S.C. 102(e)). 

5. Claims 1 and 5 are rejected under 35 U.S.C, 102(b) as being anticipated by Dean et al 
U.S. Patent No. 6,173,173 Bl. 
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As to claim 1, Dean et al discloses a memory and a processor configured to implement a 
set of instructions stored in the memory [column 3, line 17-33], Dean et al discloses generating a 
plurality of keys in response to a received challenge [column 15 line 54 to column 16 line 35]. 
Dean et al discloses generating an initial value based upon a first key from the plurality of keys 
[column 16, lines 15-35]. Dean et al discloses concatenating the initial value with a received 
signal to form an input value [column 16, lines 15-35]. Dean et al discloses that the received 
signal is transmitted from a communications unit communicatively coupled to the subscriber 
identification module [column 16, lines 15-35]. Dean et al discloses that the received signal is 
generated by the communications unit using a second key from the plurality of keys, the second 
key having been communicated from the subscriber identification module to the communications 
unit [column 16, lines 15-35]. Dean et al discloses hashing the input value to form an 
authentication signal [column 16, lines 60-67], Dean et al discloses transmitting the 
authentication signal to the communications system via the communications unit [column 16, 
lines 15-35]. 

As to claim 5, Dean et al discloses receiving the second key from the subscriber 
identification module [column 13 line 35 to column 14 line 16]. Dean et al discloses generating 
a local initial value based upon the second key [column 13 line 35 to column 14 line 16]. Dean 
et al discloses concatenating the local initial value and a message to form a local input value 
[column 16, lines 15-35]. Dean et al discloses hashing the local input value to form the received 
signal [column 16, lines 15-35]. Dean et al discloses transmitting the received signal to the 
subscriber identification module [column 16, lines 15-35]. 
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6. Claims 8-13, 15 and 17 are rejected under 35 U.S.C 102(b) as being anticipated by 
Reeds, III U.S. Patent No. 5,204,902. 

As to claim 8, Reeds et al discloses a key generation element [column 4, lines 32-46]. 
Reeds et al discloses a signature generator configured to receive a secret key from the key 
generation element and information from a mobile unit [column 5, lines 24-34]. Reeds et al 
discloses generating a signature that will be sent to the mobile unit [column 6, lines 3-35]. Reeds 
et al discloses that the signature is generated by concatenating the secret key with the 
information from the mobile unit and hashing the concatenated secret key and information 
[column 6, lines 24-35]. 

As to claim 9, Reeds et al discloses that the generation element comprises a memory and 
a processor configured to execute a set of instructions stored in the memory [column 4, lines 27- 
31]. Reeds et al discloses that the set of instructions performs a cryptographic transformation 
upon an input value to produce a plurality of temporary keys [column 4, lines 32-46]]. 

As to claim 10, Reeds et al discloses that the cryptographic transformation is performed 
using a permanent key [column 4, lines 27-31], 

As to claim 11, Reeds et al discloses a key generator for generating a plurality of keys 
from a received value and a secret value [column 4, lines 32-46], Reeds et al discloses that at 
least one communication key from the plurality of keys is delivered to the communications unit 
and at least one secret key from the plurality of keys is not delivered to the communications unit 
[column 7 line 41 to column 8 line 60]. Reeds et al discloses a signature generator for generating 
an authorization signal from hashing a version of the at least one secret key together with an 
authorization message [column 6, lines 36-67], Reeds et al discloses that the authorization 
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message is generated by the communications unit using a version of the at least one 
communication key [column 6, lines 36-67]. 

As to claim 12, Reeds et al discloses that the subscriber identification module is 
configured to be inserted into the communications unit [column 4, lines 27-31]. 

As to claim 13, Reeds et al discloses that at least one communication key comprises an 
integrity key [column 4, lines 27-31]. 

As to claim 15, Reeds et al discloses generating a plurality of keys, as discussed above. 
Reeds et al discloses transmitting at least one key from the plurality of keys to a communications 
device communicatively coupled to the subscriber identification device and holding private at 
least one key from the plurality of keys [column 4, lines 27-31]. Reeds et al discloses generating 
a signature at the communications device using both the at least one key transmitted to the 
communications device and a transmission message, as discussed above. Reeds et al discloses 
that generating is implemented by hashing a concatenated value formed from the at least one key 
and the transmission message, as discussed above. Reeds et al discloses transmitting the 
signature to the subscriber identification device [column 6, lines 36-67]. Reeds et al discloses 
receiving the signature at the subscriber identification device [column 7, lines 35-67]. Reeds et 
al discloses generating a primary signature from the received signature [column 6, lines 36-67]. 
Reeds et al discloses that the generating is implemented by hashing a concatenated value formed 
from the at least one private key and the signature received from the communications device 
[column 6, lines 36-67]. Reeds et al discloses conveying the primary signature to a 
communications system [column 6, lines 36-67]. 
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As to claim 17, Reeds et al discloses a memory and a processor configured to implement 
a set of instructions stored in the memory, as discussed above. Reeds et al discloses that the set 
of instructions for selectively generates a primary signature based upon a key that is held private 
from the mobile station and a secondary signature that is received from the mobile station, as 
discussed above. 

Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Dean et al U.S. 
Patent No. 6,173,173 Bl as applied to claim 1 above, and further in view of Applied 
Cryptography (hereinafter Schneier). 

As to claim 2, Dean et al discloses using hash functions, as discussed above. 

Dean et al does not teach that the hash function is the Secure Hash Algorithm (SHA-1). 

Schneier teaches the Secure Hash Algorithm (SHA-1) and its benefits [pages 442-445]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Dean et al so that the hashing function was the 
Secure Hash Algorithm (SHA-1). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Dean et al by the teaching of Schneier because there are no 
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known cryptographic attacks against SHA and it is more resistant to brute-force attacks [page 
445]. 

8. Claims 3, 4, 6 and 7 are rejected under 35 U.S.C 103(a) as being unpatentable over 
Dean et al U.S. Patent No. 6,173,173 Bl as applied to claim 1 above, and further in view of 
Deindl et al U.S. Patent No. 6,076,162. 

As to claims 3, 4 5 6 and 7, Dean et al does not teach that generating the initial value 
comprises padding the first key. Dean et al does not teach that generating the initial value further 
comprises adding the padded first key bit-wise to a constant value. Dean et al does not teach that 
generating the local initial value comprises padding the second key. Dean et al does not teach 
that generating the local initial value further comprises adding the padded second key bit-wise to 
a second constant value. 

Deindl et al teaches padding a key and adding the padded key bit-wise to a constant 

value. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Dean et al so that the initial values would have 
been generated by padding the first and second key and adding both of the padded keys to a 
constant value. 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Dean et al by the teaching of Deindl et al because data can 
be extended to fill up any necessary block length [column 4, lines 46-56]. 
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9. Claims 14 and 16 are rejected under 35 U.S.C. 103(a) as being unpatentable over Reeds, 
III U.S. Patent No. 5,204,902 as applied to claims 11 and 15 above, and further in view of 
Applied Cryptography (hereinafter Schneier). 

As to claims 14 and 16, Reeds discloses using hash functions, as discussed above. 

Reeds does not teach that the hash function is the Secure Hash Algorithm (SHA-1). 

Schneier teaches the Secure Hash Algorithm (SHA-1) and its benefits [pages 442-445]. 

Therefore, it would have been obvious to a person having ordinary skill in the art at the 
time the invention was made to have modified Reeds so that the hashing function was the Secure 
Hash Algorithm (SHA-1). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Reeds by the teaching of Schneier because there are no 
known cryptographic attacks against SHA and it is more resistant to brute-force attacks [page 
445], 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
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however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Aravind K Moorthy whose telephone number is 703-305-1373. 
The examiner can normally be reached on Monday-Friday, 8:00-5:30. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R Sheikh can be reached on 703-305-9648. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



May 4, 2004 



AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




